Rivas Goldstein, LLP

Call Our Austin Office: 800-761-5190

Celebrating Our 20th Year Representing the Interests of Health Care Professionals and Entities

An Austin Firm Dedicated to
Health Care Law

Attorneys Image

What should my private practice know about cybersecurity?

Leaders in private practices know that they face significant cyber risks, yet many remain vulnerable. The healthcare sector has lagged behind other industries in cyber-readiness, even though the urgent need to avoid any potential slow downs make the healthcare sector a prime target for cyber-attacks.

Recent ransomware attacks highlight the critical nature of healthcare infrastructure security and draw attention to the damage caused by this threat. These breaches can and have resulted in:

  • Extended care disruptions. Cyber incidents cause multi-week outages, disrupting care. The impacted facilities may need to send patients to other facilities and cancel medical appointments.
  • Staffing frustrations. The damage from a cyberattack will also impact the medical team’s workload. Physicians, nurses, and other medical professionals will likely need to work even longer to help provide for their patients when these systems are compromised — adding even more strain to an already stressed workforce.
  • Financial impact. A single breach can cost a hospital millions in fines, litigation, and reputation damage. It is also important to note that the HHS is considering further regulations to address this issue — a violation of which could result in additional penalties.

Healthcare organizations are wise to invest in cybersecurity to protect patient care, financial stability, and legal standing. The consequences of inadequate protection are far-reaching, underscoring the need for proactive measures.

How can healthcare systems reduce the risk of a cyber-attack?

It is important to put security measures in place to protect your facility’s systems. Use of technology helps to improve patient outcomes and provide more support for healthcare workers. Unfortunately, it can also open the facility up to these threats. Steps that can help to reduce the risk vary for each organization but can include updated security measures and the use of multi-factor authentication.

Attorney John Rivas is responsible for this communication.